public function login() { if (isset($_POST["username"])) { // reaching via HTTP Post... //process login form if ($this->userMapper->isValidUser($_POST["username"], $_POST["passwd"])) { $_SESSION["currentuser"] = $_POST["username"]; $_SESSION["tipoUsuario"] = $this->userMapper->userType($_POST["username"]); switch ($this->userMapper->userType($_POST["username"])) { case "organizador": $this->view->moveToFragment($_POST["username"]); $this->view->redirect("organizador", "index"); break; case "juradoPopular": $this->view->moveToFragment($_POST["username"]); $this->view->redirect("juradoPopular", "index"); break; case "juradoProfesional": $this->view->moveToFragment($_POST["username"]); $this->view->redirect("juradoProfesional", "index"); break; case "establecimiento": $this->view->moveToFragment($_POST["username"]); $this->view->redirect("establecimiento", "index"); break; } } else { $errors = array(); $errors["general"] = "<span id=\"error\">El usuario o la contraseƱa no es correcta</span>"; $this->view->setVariable("errors", $errors); } } // render the view (/view/users/login.php) $this->view->render("users", "login"); }
public function login() { if (isset($_POST["login"])) { // reaching via HTTP Post... //process login form $usuarioLogueado = $this->userMapper->isValidUser($_POST["login"], $_POST["passwd"]); if ($usuarioLogueado) { $_SESSION["currentuser"] = $_POST["login"]; // send user to the restricted area (HTTP 302 code) $this->view->redirect("users", "index"); } else { $errors = array(); $errors["general"] = "Username is not valid"; $this->view->setVariable("errors", $errors); } } // render the view (/view/users/login.php) $this->view->setLayout("index"); $this->view->render("users", "body"); }
public static function login_user($user, $pass) { if ($user && $pass) { if ($usertype = UserMapper::isValidUser($user, $pass)) { return UserMapper::findByEmail($user, $usertype); } else { echo "ERROR: user or password incorrect"; } } else { return "error, fields not validated"; } }
public function update() { $userid = $_REQUEST["usuario"]; $user = $this->userMapper->findById($userid); $errors = array(); $pass = md5($_POST["passActual"]); if ($this->userMapper->isValidUser($_POST["usuario"], $pass)) { if (isset($_POST["usuario"])) { $user->setNombre($_POST["nombre"]); $user->setApellidos($_POST["apellidos"]); $user->setCorreo($_POST["correo"]); if (isset($_FILES['img'])) { $img = $_FILES['img']['name']; $ext = strrchr($img, '.'); $ruta = 'imagenes/user_' . $user->getId() . $ext; if (move_uploaded_file($_FILES['img']['tmp_name'], $ruta)) { $user->setImagen($user->getId() . $ext); } } if (!(strlen(trim($_POST["passNew"])) == 0)) { if ($_POST["passNew"] == $_POST["passNueva"]) { $passNew = md5($_POST["passNew"]); $user->setPassword($passNew); } else { $errors["pass"] = i18n("Passwords must be equal"); $this->view->setVariable("errors", $errors); $this->view->setVariable("user", $user); $this->view->render("users", "modificar"); return false; } } try { $this->userMapper->update($user); $this->view->setFlash(i18n("Modified user correctly")); $this->view->redirect("users", "perfil"); } catch (ValidationException $ex) { $errors = $ex->getErrors(); $this->view->setVariable("errors", $errors); } } } else { $errors["passActual"] = i18n("Incorrect password"); $this->view->setVariable("errors", $errors); $this->view->setVariable("user", $user); $this->view->render("users", "modificar"); } }
/** * Authenticates the current request. If the request does not contain * auth credentials, it will generate a 401 response code and end PHP processing * If the request contain credentials, it will be checked against the database. * If the credentials are ok, it will return the User object just logged. If the * credentials are invalid, it will generate a 401 code as well and end PHP * processing. * * @return User the user just authenticated. */ public function authenticateUser() { if (!isset($_SERVER['PHP_AUTH_USER'])) { header($_SERVER['SERVER_PROTOCOL'] . ' 401 Unauthorized'); header('WWW-Authenticate: Basic realm="Rest API of MVCBLOG"'); die('This operation requires authentication'); } else { $userMapper = new UserMapper(); if ($userMapper->isValidUser($_SERVER['PHP_AUTH_USER'], $_SERVER['PHP_AUTH_PW'])) { return new User($_SERVER['PHP_AUTH_USER']); } else { header($_SERVER['SERVER_PROTOCOL'] . ' 401 Unauthorized'); header('WWW-Authenticate: Basic realm="Rest API of MVCBLOG"'); die('The username/password is not valid'); } } }